Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
303
Views
0
Helpful
4
Replies

MAC Address Refresh Issue on VSS - Nexus 9K Remote Leaf Connection

JesusAngel
Level 1
Level 1

‎11-09-2024 01:08 PM - edited ‎11-09-2024 02:22 PM

Hello,

We have two Cisco 6807 chassis forming a Virtual Switch System (VSS) connected via port-channels to two pairs of Nexus 9K switches. The Nexus switches are configured as Remote Leafs within an ACI infrastructure. The interconnection VLAN between the VSS and the Nexus switches is VLAN 45. We are using MSTP on the VSS to block the port-channel in CPD B.

The VSS has IP address 192.168.1.2 on VLAN 45, while IP address 192.168.1.1 is configured on a remote firewall within the Cisco ACI infrastructure.

Network topologyNetwork topology

 

 

Here’s the issue we’re encountering:

When we shut down the ports on the port-channel from CPD A, the port-channel on CPD B correctly switches to forwarding mode, and everything works as expected. However, when we bring the ports on the port-channel in CPD A back up, MSTP places the port-channel on CPD B in a blocked state and sets CPD A’s port-channel to forwarding, as expected.

The problem arises because the MAC address for the interconnection IP still appears on the port-channel in CPD B. The topology change does not trigger a refresh for this MAC address, causing us to lose connection to the remote IP until the MAC address timeout (480 minutes) expires.

It's something similar to https://community.cisco.com/t5/switching/mstp-missing-topology-change-quot-clear-mac-quot-needed/m-p/5222141#M573033

Question:

Is there a way to force the MAC address to refresh immediately when the topology changes, so that it no longer points to the blocked port-channel on CPD B? Any guidance on resolving this would be greatly appreciated.

Thank you!

Labels:
0 Helpful
4 Replies 4

balaji.bandi
Hall of Fame
Hall of Fame

‎11-09-2024 02:16 PM 

he problem arises because the MAC address for the interconnection IP still appears on the port-channel in CPD B

where is this IP SVI or Gateway IP resides in VSS ?

Layer 2 point of view that is working as expected, Layer 3 point of view we need to know how is that configured.

Default on cat 6K is 4hours and nexus as  remember will be 30min you change this depends on requirement, again my question tagged to above based on the configuration.

 

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

JesusAngel
Level 1
Level 1
In response to balaji.bandi

‎11-09-2024 02:23 PM

Hi,

 

The VSS has IP address 192.168.1.2 on VLAN 45, while IP address 192.168.1.1 is configured on a remote firewall within the Cisco ACI infrastructure.

Regards,

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to JesusAngel

‎11-10-2024 06:12 AM

where is the IP arp stuck in VSS ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

JesusAngel
Level 1
Level 1
In response to balaji.bandi

‎11-10-2024 08:27 AM

Hi,

In our setup, Po1 is the port-channel for CPD A, which is typically in a forwarding state. The MAC address for IP 192.168.1.1 is associated with this port-channel (Po1) while no MAC address is present on Po2. If I shut down the ports on Po1, Po2 switches to forwarding mode, and the MAC address for IP 192.168.1.1 moves to Po2. However, when I bring Po1 back up, the MAC address remains anchored on Po2 and does not transfer back to Po1. Since Po2 is now blocked, I lose connectivity to the IP until the MAC address is refreshed (aging time is 480 seconds).

#show mac-address-table aging-time
Vlan    Aging Time
----    ----------
Global  480
no vlan age other than global age configured

Regards,

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card